Microsoft Azure - Add Storage Blob Owner Role Assignment For Azure AD User

Microsoft Azure - Create and Assign Policy for "Not Allowed Resource Types"

Last Updated : 30 Mar, 2023

Pre-requisite: Azure

In this article, we will show you how to deny the resource creation of your choice on azure subscriptions or management groups by implementing a rule policy. By implementing this policy on the specific subscription you can restrict your subscription users to create unwanted resources and also reduce the additional cost incurred. Let's get started by implementing one.

Pre-requisites: Owner access on subscription or management group is required to implement this policy on target azure subscription scope.

Steps to Create and Assign Policy

Step 1: Log in to Azure Portal.

Step 2: Go to Policy >> then from the menu select Authoring >> Definitions.

Step 3: Type in and search for "Not Allowed Resource Types" and select.

policy definition

Step 4: Click on the Assign to implement the rule.

not allowed policy

Step 5: Under the section of Basics, select the Scope of the subscription which you want to restrict the creation and enable policy enforcement.

config

Step 6: Switch to the Parameters tab and choose the required resource type to restrict creation with this "Not Allowed Resource Types".

Example: We have selected "public clouds" You can select as many as you wish to restrict in the same policy.

paramters

Step 7: Click on Review + Create.

By applying this policy, If someone tries to public clouds in a subscription it will deny to create it and says it's against policies in the notification.

Microsoft Azure - Add Storage Blob Owner Role Assignment For Azure AD User

jaysurya9

Improve

Article Tags :

Similar Reads

Microsoft Azure - How to a Add a Tag Policy for Resource Group?

Pre-requisite: Azure Here in this article, we will show how to assign and Add a Tag Policy for Resource Group in Azure from Azure Portal. With this Add a Tag Policy for Resource Groups we can maintain Real-time control and compliance assessment at scale for all the resource groups within a scope. As

Microsoft Azure - Add Storage Blob Owner Role Assignment For Azure AD User

In this article, you will see how you can add Storage Blob Owner role assignment for active directory users for granting permissions to operate on the storage account level and to grant permissions to other users within the storage account level. The main purpose of Storage Blob Data Owner is it all

Microsoft Azure - Add Assignment to Custom Policy Initiative

In this article, we will add an assignment to an already existing custom policy initiative definition using azure PowerShell commands. Here policy assignment is a kind of instructions to apply or stop the action of policies on Azure resources. We can restrict a few executions, update, creations, mod

Microsoft Azure - Add CanNotDelete Lock on Azure Resource Group via Portal

Pre-requisite:- Azure CanNotDelete Lock on Azure is a kind of Lock Protection against accidental deletion and modification. It allows only authorized users to delete or modify this CanNotDelete Lock on the resource group. Adding CanNotDelete Lock on Azure Resource Group via Portal is super simple. I

Microsoft Azure - Moving Resources Among Groups

In this article we learn how to move resources between resource groups. So, letâ€™s try to move some of your resources to the Azure Portal. You can see that you have landed on Azure Home and you can see that you have some of your favorite services on top that you have recently clicked on as well as so

Microsoft Azure - Resource Tagging and Best Practices

Tagging is used to organize your Azure resources, resource groups, subscriptions, and management groups hierarchy. Each tag consists of a name and a value pair. If you were working at the project level there should be some tagging compliance to organize your Azure resources, resource groups, subscri

Microsoft Azure - Get Unused App Service Plans and Resource Groups in Azure Portal

Pre-requisite: AZURE In this article, we will be using the resource graph query to find the unused Azure App Service Plans and unused Azure Resource Groups. For this will be using the Resource Graph Explorer which is an Azure native tool that can be accessed from Azure Portal with ease. To run the K

Microsoft Azure - Create Resource Group with Tags using PowerShell

Pre-requisite: Microsoft Azure: Resource Tagging and Best Practices In this article, I am going to show you how to create resource groups with tags using PowerShell in Microsoft Azure from Azure Cloud Shell in simple easy steps. Let's get started. Prerequisite: Contributor Access on Subscription to

Microsoft Azure - Export Policy Assignments

Pre-requisite: Azure In this article, we will show you how to export the azure policy assignments from a select Azure Subscription from the Azure Cloud Shell with the help of Azure PowerShell run commands. To export the list of azure policy assignments one should require the RBAC reader access role

Microsoft Azure - Advanced Threat Protection for Azure SQL Database

In this article, we will look into how to configure Advanced Threat Protection in Azure SQL Database. Advanced Threat Protection is a feature of Azure SQL Database that detects security threats and anomalies and lets you know about them so that you can act. Follow the below steps to configure it: St